Real Stories

AVS – Three Lifesaving Letters for Internet Entrepreneurs

Posted on: Mar 27, 2008

Posted by: nMoncrief
Member since: Mar 24, 2008

Creek Financial Services Leesburg, GA
Share with friend

The Story

As the owner of a young e-commerce business, I wanted every sale I could get, and my optimism sometimes gave way to sound judgment. Any retail store owner would be alarmed by a customer waving a gun or screaming profanities. Unfortunately, "bad apples" aren't as easy to spot online. As an e-commerce owner, you should be careful who you accept as a customer. I learned this lesson the hard way in 2002. The following events happened when I was an owner of 2BigFeet.com.

The first incident occurred during the busy Christmas season when we received two large orders from somewhere in Europe. I knew the Address Verification Service (AVS) didn't work outside the U.S., but we had customers all over the world and nothing about these addresses alarmed me. And since we sold hard-to-find sizes, customers often ordered multiple pairs, so the size of the orders didn't get my attention, either. I shipped the shoes, collected the credit card payment, and forgot all about them - until a couple of months later when the chargeback notices arrived. The actual cardholder lived in Israel and had no connection to the two shipping addresses. To make a long story short, we didn't stand a chance. We ate the cost of the shoes and the shipping charges, and we had to return roughly $1,000 to the cardholder. We soon changed our policy to require payment by PayPal for orders from outside the U.S.

The second incident happened about a year later, again during our peak season. Our website, shopping cart, and gateway were set to automatically pre-authorize credit cards before we ever saw the orders. That kept us from having to deal with declined credit cards. One morning, we received a handful of orders for inexpensive items like socks. The orders came from Nigeria and were identical for the most part. AVS had flagged the orders, so when the "customer" didn't reply to my emails, I just set them aside. We made a change in our gateway settings to automatically reject all future orders from Nigeria, and we continued going about our business. Over the next few days, hundreds more of these bogus orders were attempted.

A couple of weeks later, our banker called. Our checking account was in the negative. After some Q&A, I realized none of our deposits had reached the bank since the orders from Nigeria had started arriving. After doing more research, we learned that credit card thieves will often pick websites that pre-authorize credit cards, and they use those websites as a tool to validate card numbers before they sell them. (They weren't interested in our socks, only our "service.") Long story short, our credit card processor, Total Merchant Services, had noticed the pattern and immediately put a hold on our deposits, all of them, for 180 days! TMS had 2 weeks' worth of deposits, and they wouldn't release a penny of it for six months. (But, as they explained, they had mailed us a letter to notify us. Wasn't that nice!?) We immediately changed processors and implemented even more internal policies.

Motivated partly by the horrendous customer service I received from our processor, I eventually started a business doing the same thing (only better.) Today, I handle the credit card processing for many large e-commerce clients, and here is what I tell them:

• Use AVS to pre-screen every customer. If possible, set up your gateway to do this automatically, before the orders are even accepted.
• Set up your shopping cart to collect both the billing and shipping addresses, and verify the billing addresses. If a customer won't or can't enter his billing address correctly, it usually indicates a problem.
• If a customer cares enough to call you because AVS rejected his order, ask if he has moved recently. If so, entering his old address will usually correct the problem.
• Don't take credit card payments from countries that don't support AVS. (It's generally limited to the U.S.) If an overseas cardholder denies placing an order from your company, you'll lose the chargeback automatically. Although Visa/MasterCard makes it easy to receive money from overseas, they won't support you when there's trouble.
• PayPal works great in those situations when you need to receive money from another country. Yes the fees are higher, but it's worth it.

Hopefully, you've learned something here that will keep you from making the same mistakes I made. If you think your practices might leave you vulnerable, call your credit card processor and ask for their help. You're paying for it, after all. Take time to learn the features included in your gateway and shopping cart, and use the tools at your disposal. But most of all you should remember, despite what they may tell you, nobody else cares as much about your business as you do! Take the initiative to ask questions about things you don't understand.